This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Debian Security reports :
CVE-2016-10195: The name_parse function in evdns.c in libevent before
2.1.6-beta allows remote attackers to have unspecified impact via
vectors involving the label_len variable, which triggers an
out-of-bounds stack read.
CVE-2016-10196: Stack-based buffer overflow in the
evutil_parse_sockaddr_port function in evutil.c in libevent before
2.1.6-beta allows attackers to cause a denial of service (segmentation
fault) via vectors involving a long string in brackets in the
CVE-2016-10197: The search_make_new function in evdns.c in libevent
before 2.1.6-beta allows attackers to cause a denial of service
(out-of-bounds read) via an empty hostname.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5